Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/27BFD5F4B9F411EEAA17BAA1775412E6.roa
File: 27BFD5F4B9F411EEAA17BAA1775412E6.roa (raw, json)
Hash identifier: 0ZQafyCzu7GWpNY+0PsiUTjdYkrVziyZ0cLrBAOEuIw=
Subject key identifier: D8:65:E5:60:3A:CF:27:DE:B9:AD:37:F2:6E:D7:A6:92:73:3C:DF:04
Certificate issuer: /CN=F3659F9CAR/serialNumber=09FB3136ECD5E3D7CF00B32C121F12E8AFD0A601
Certificate serial: 0251
Authority key identifier: 09:FB:31:36:EC:D5:E3:D7:CF:00:B3:2C:12:1F:12:E8:AF:D0:A6:01
Authority info access: rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/27BFD5F4B9F411EEAA17BAA1775412E6.roa
Signing time: Tue 23 Jan 2024 13:34:39 +0000
ROA not before: Tue 23 Jan 2024 13:34:35 +0000
ROA not after: Wed 22 Jan 2025 13:34:35 +0000
asID: 174
IP address blocks: 66.251.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/CfsxNuzV49fPALMsEh8S6K_QpgE.crl
rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/CfsxNuzV49fPALMsEh8S6K_QpgE.mft
rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 29 Apr 2024 20:10:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 593 (0x251)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3659F9CAR/serialNumber=09FB3136ECD5E3D7CF00B32C121F12E8AFD0A601
Validity
Not Before: Jan 23 13:34:35 2024 GMT
Not After : Jan 22 13:34:35 2025 GMT
Subject: CN=65afc06e-9e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9c:a7:8d:e4:14:56:ab:e1:eb:84:c1:a8:44:
53:33:c1:1b:8c:50:97:c0:44:c6:82:c2:cb:ce:bc:
61:25:61:1b:b8:d1:7b:bd:b1:b4:52:19:fa:7f:d1:
44:3a:2c:21:ad:4f:2e:63:d2:b7:be:61:31:4e:ba:
60:52:0e:ce:c4:82:1a:8e:13:ce:3b:3e:03:de:7b:
ea:b3:84:da:32:35:41:e2:04:40:51:72:95:65:c1:
6c:e9:23:8d:ae:66:15:7d:c4:07:42:74:4d:cc:04:
2e:85:30:9d:b2:32:4e:b5:9c:40:63:c5:b6:01:ab:
34:55:5e:e2:72:24:b9:b7:39:3e:bf:50:6c:30:69:
28:fc:0d:ee:de:f2:d3:05:fe:74:78:93:44:d9:d2:
54:a1:d6:b4:b2:79:c0:5f:20:4b:3a:16:b9:c5:3c:
a5:49:4b:d5:aa:1e:32:56:d6:06:eb:aa:c0:0d:ed:
f5:e1:0c:c5:53:35:45:a1:58:21:c3:62:fb:f9:ba:
7a:a1:81:af:bf:0f:2f:62:62:3e:2f:30:c3:51:9b:
bc:e3:87:d7:5b:0b:39:a3:ab:82:75:a8:75:19:4f:
75:c1:98:d2:ae:0f:f1:4f:54:ed:b8:13:fd:ce:36:
d8:f0:39:d0:cc:73:f6:75:49:42:69:d2:6a:40:d6:
9b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:65:E5:60:3A:CF:27:DE:B9:AD:37:F2:6E:D7:A6:92:73:3C:DF:04
X509v3 Authority Key Identifier:
keyid:09:FB:31:36:EC:D5:E3:D7:CF:00:B3:2C:12:1F:12:E8:AF:D0:A6:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/CfsxNuzV49fPALMsEh8S6K_QpgE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/27BFD5F4B9F411EEAA17BAA1775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
66.251.183.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:ed:a5:18:22:d2:d8:dd:11:1b:55:ae:36:8d:b2:d8:81:6b:
b4:b3:7d:15:a8:7d:6a:79:32:6f:7b:79:c5:44:a4:95:5a:95:
44:90:ef:7c:da:84:a2:e8:0e:07:29:60:2e:37:37:29:86:17:
be:90:03:2f:ee:13:6f:92:79:33:e2:93:a9:0d:6f:f9:88:09:
f4:74:5f:21:62:3a:2e:e1:b5:b2:f5:fc:66:be:e5:4e:0c:41:
53:fb:77:9c:ce:1e:70:3e:f9:95:75:b3:a8:17:c7:4a:da:55:
20:d6:39:3d:ef:14:76:71:99:73:56:e0:b4:0e:35:f8:81:24:
29:91:90:44:70:d0:12:63:8c:6c:92:97:9d:83:52:38:21:38:
ca:84:8f:00:eb:90:3b:ee:c3:a2:9a:86:6d:2d:e9:ac:e8:de:
43:bc:4b:95:eb:62:20:ed:ee:5a:59:1a:46:4d:f5:75:ca:31:
4b:5a:11:3d:e5:91:74:c7:62:42:cf:dd:68:ed:3a:0c:45:8c:
b3:5d:df:09:78:10:20:68:46:8d:1d:32:88:2a:c5:45:d0:4f:
4e:04:02:49:96:b5:6e:e9:d1:2e:18:c6:8b:3b:5f:1c:43:a3:
c6:1a:bb:95:04:fc:03:52:21:da:ae:9a:25:d9:7e:73:da:b6:
3a:a6:ae:73
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAlEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NTlGOUNBUjExMC8GA1UEBRMoMDlGQjMxMzZFQ0Q1RTNEN0NGMDBCMzJDMTIxRjEy
RThBRkQwQTYwMTAeFw0yNDAxMjMxMzM0MzVaFw0yNTAxMjIxMzM0MzVaMBgxFjAU
BgNVBAMTDTY1YWZjMDZlLTllMGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCanKeN5BRWq+HrhMGoRFMzwRuMUJfARMaCwsvOvGElYRu40Xu9sbRSGfp/
0UQ6LCGtTy5j0re+YTFOumBSDs7EghqOE847PgPee+qzhNoyNUHiBEBRcpVlwWzp
I42uZhV9xAdCdE3MBC6FMJ2yMk61nEBjxbYBqzRVXuJyJLm3OT6/UGwwaSj8De7e
8tMF/nR4k0TZ0lSh1rSyecBfIEs6FrnFPKVJS9WqHjJW1gbrqsAN7fXhDMVTNUWh
WCHDYvv5unqhga+/Dy9iYj4vMMNRm7zjh9dbCzmjq4J1qHUZT3XBmNKuD/FPVO24
E/3ONtjwOdDMc/Z1SUJp0mpA1puLAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQU2GXl
YDrPJ965rTfybtemknM83wQwHwYDVR0jBBgwFoAUCfsxNuzV49fPALMsEh8S6K/Q
pgEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU5RjlDLzFEMjI5OTZFN0EwOTExRURCRDQyMjE4NUYxMjIyNDY4L0Nmc3hO
dXpWNDlmUEFMTXNFaDhTNktfUXBnRS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0Nmc3hOdXpWNDlmUEFMTXNFaDhTNktfUXBnRS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjU5RjlDLzFEMjI5OTZFN0EwOTExRURCRDQyMjE4NUYxMjIy
NDY4LzI3QkZENUY0QjlGNDExRUVBQTE3QkFBMTc3NTQxMkU2LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABC+7cwDQYJKoZIhvcNAQELBQAD
ggEBAGztpRgi0tjdERtVrjaNstiBa7SzfRWofWp5Mm97ecVEpJValUSQ73zahKLo
DgcpYC43NymGF76QAy/uE2+SeTPik6kNb/mICfR0XyFiOi7htbL1/Ga+5U4MQVP7
d5zOHnA++ZV1s6gXx0raVSDWOT3vFHZxmXNW4LQONfiBJCmRkERw0BJjjGySl52D
UjghOMqEjwDrkDvuw6Kahm0t6azo3kO8S5XrYiDt7lpZGkZN9XXKMUtaET3lkXTH
YkLP3WjtOgxFjLNd3wl4ECBoRo0dMogqxUXQT04EAkmWtW7p0S4Yxos7XxxDo8Ya
u5UE/ANSIdqumiXZfnPatjqmrnM=
-----END CERTIFICATE-----
Generated at Sat Apr 27 22:32:22 2024 by rpki-client on console-ams.rpki-client.org